I have to admit, I’m getting very tired of writing about the latest rogue software threat circulating on the Internet. Frankly, I find it extremely depressing.

There seems to be no end to this stuff, and keeping up with it is becoming increasingly difficult when you consider that there are already more than 370 rogue applications circulating on the Internet.

Crafty cyber-crooks are at it again with the release of CoreGuard 2009 Antivirus, yet another rogue security application seeking out unaware users in order to infect their computers, and to steal their money.

In this case, the crooks want the victims to purchase CoreGuard 2009 for $76.50 to clean the infected machine – which of course it won’t.

Like all rogue security applications, Core Guard 2009 is a master at using Trojans, and fake advertising, to convince unaware Internet users to install this parasitic application.

With a little luck, some hard work on your part and using the recommended removal tools, you can hopefully stomp on Core Guard 2009.

Fortunately, from what I can determine, Core Guard 2009 must be downloaded voluntarily, from rogue security software websites, or from “adult” websites. This method does not limit the scope of this parasite, in my view, since many typical users are well trained in clicking on virtually everything they see on the Internet. Delivery methods used by this parasite include dropping a Trojan, which may go on to download other harmful software.

Once installed, this parasite can impact a computer in a number of ways including changing Internet browser settings, connecting to the internet, delivering adware, disguising itself to remain hidden from the user, and running as a background process.

The objective of CoreGuard 2009, which is the objective of all Rogue Security Software, is to convince the victim to pay for the “full” version of the application, as described above, in order to remove what are, in fact, false positives that this program is designed to display on the infected computer in various ways, including fake scan results, pop-ups and system tray notifications.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.
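To illustrate the difference between definition-based and behavioral detection described above, here is an added example (not from the original post, and not how ThreatFire or any real product is implemented). The sample bytes, behavior names, weights and threshold are all constructed assumptions; the behaviors are taken from the list of things this post says the parasite does.

```python
import hashlib

# Constructed "definition database": SHA-256 of the one sample already analysed.
KNOWN_SAMPLE = b"constructed-rogue-installer-v1"
DEFINITIONS = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Behaviors this post attributes to the parasite; weights are assumed values.
BEHAVIOR_WEIGHTS = {
    "changes_browser_settings": 2,
    "hides_own_files": 3,
    "runs_as_background_process": 1,
    "connects_to_internet": 1,
    "shows_fake_scan_results": 3,
}
ALERT_THRESHOLD = 6  # assumed cut-off for this example


def signature_match(file_bytes):
    """Definition-based check: exact hash lookup, blind to any changed byte."""
    return hashlib.sha256(file_bytes).hexdigest() in DEFINITIONS


def behavior_score(observed):
    """Heuristic check: sum the weights of distinct behaviors seen at run time."""
    return sum(BEHAVIOR_WEIGHTS.get(b, 0) for b in set(observed))


def verdict(file_bytes, observed):
    if signature_match(file_bytes):
        return "blocked: known signature"
    score = behavior_score(observed)
    if score >= ALERT_THRESHOLD:
        return f"blocked: behavior score {score}"
    return "allowed"


# Constructed samples: the analysed file, a repacked variant, a benign updater.
ROGUE = ["changes_browser_settings", "hides_own_files",
         "shows_fake_scan_results", "connects_to_internet"]
SAMPLES = {
    "known rogue": (KNOWN_SAMPLE, ROGUE),
    "repacked variant": (KNOWN_SAMPLE + b"\x00", ROGUE),
    "benign updater": (b"constructed-updater",
                       ["connects_to_internet", "runs_as_background_process"]),
}

if __name__ == "__main__":
    for name, (data, observed) in SAMPLES.items():
        print(f"{name:17} -> {verdict(data, observed)}")
```

The repacked variant differs from the known sample by a single byte, so the hash lookup misses it, while its run-time behavior still crosses the threshold.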

Unfortunately, Rogue Security Software is usually very sophisticated and can write itself into multiple parts of the operating system. In many cases it can hide its files, registry entries, running processes and services, making the infection difficult to find, and extremely difficult to remove.

You can find the very substantial list of files and folders created by this application at Quick Heal.

If you are a victim of CoreGuard 2009, or other Rogue Security Software, the following removal solutions will be very useful.

411 Spyware – How to Remove CoreGuard Antivirus 2009. This site contains tools and instructions for removing most rogue software. If you have an interest in Internet related security issues, I recommend that you bookmark this site.

Bleeping Computer – Remove CoreGuard Antivirus 2009 (Removal Instructions). Bleeping Computer is a web site where help is available for many computer related problems, including the removal of rogue software.

SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications, including the removal of CoreGuard 2009.

MalwareBytes, a very reliable anti-malware company, offers the free version of MalwareBytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications. I recommend that you download and install this free application in any event and use it as a secondary malware scanner due to its strong overall performance.

Please note: A high degree of computer operating system knowledge is a prerequisite to the successful removal of Rogue Security Software. If you lack this experience, it would be preferable that you enlist the aid of a computer savvy friend, or a professional.

Despite using any, or all, of the recommended tools, you may find that Rogue software is still resident on your system. This is possible due to the number of variations involved with this type of malware. In such a case, reformatting of the Hard Drive and a clean installation of the operating system may be the only alternative.

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site) that you can take to protect your computer system:

When surfing the web – Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on your computer.

Install a personal firewall on your computer.

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti-malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

I have to hand it to these guys, they’re getting pretty good at their graphics; it’s easy to see how some people fall for this. The tough part is that they continuously update their package to change with the anti-malware guys’ definitions, and once they’re in they invite their friends in for the party. Get rid of one thing and something else pops up.

You’re so right. Frankly, if I got this type of infection I would reformat and reinstall. There is no sure way to tell if the infection has been eradicated otherwise. Definitely shows the need for a back-up plan.

Thanks for this.

Bill
